TITLE OF THE INVENTION

DATA USAGE CONTROLLING APPARATUS THAT PREVENTS THE
UNAUTHORIZED USE OF MAIN DATA BY UPDATING A TYPE 1 AND A
TYPE 2 KEY USED FOR PROTECTING THE MAIN DATA IN ACCORDANCE
WITH USAGE OF THE MAIN DATA

BACKGROUND OF THE INVENTION

(1) Field of the Invention 

The present invention relates to a data usage
controlling apparatus that limits the usage of main data
according to judgements made on condition information
recorded on the same recording medium as the main data. In
particular, the invention relates to a data usage
controlling apparatus that encrypts condition information
using a type 2 key and records the encrypted condition
information onto a recording medium along with the type
2 key that is encrypted using a type 1 key.

(2) Related Art 

Images and music are increasingly being stored in a
digital form. Digitization of such information allows
high quality to be preserved regardless of how often the
content is used. Since images and music are usually
subject to copyrights, the ease with which digitized images
and music can be transmitted, copied and distributed makes
it relatively simple for users to use digitized images and
audio in an illegal manner.

Legal steps are being taken to stop the illegal use
of copyrighted materials, though more importantly several
data usage controlling systems have been proposed. Such
systems allow valid usage of digital content, such as
copyrighted material, but prevent illegal operations from
being made.

Japanese Laid-Open Patent Application No. H09-185501
discloses a software executing system as one type of data
usage controlling system. This system stops users from
illegally using (i.e., executing) software, which is
regarded as one form of digital content. This software
executing system is described below.

FIG. 1 is a first block diagram showing the
composition of a recording medium 300 and an executing
apparatus 400 included in this conventional software
executing system, while FIG. 2 is a second block diagram
showing the compositions of the recording medium 300 and
the executing apparatus 400. In these drawings, the
executing apparatus 400 included in this software
executing system is shown split into the part in FIG. 1
that handles the execution of software and the part shown
in FIG. 2 that handles the updating (by encrypting with
a random number) of the supplementary key of the recording
medium. This depiction of the executing apparatus 400 in
two parts is merely to assist understanding, and it should
be remembered that both parts are provided within the same
apparatus.

As shown in FIG. 1, this conventional software
executing system includes a recording medium 300 that
stores various programs to be executed and an executing
apparatus 400 that selectively executes one of the programs
recorded on the recording medium 300.

In more detail, the recording medium 300 stores the 
following information relating to the software program Sa: 

(1) an encrypted copy E(Ka,Sa) of the software program
Sa produced by encrypting the software program Sa itself
using the software key Ka (the copy hereafter being referred
to as the "encrypted software E(Ka,Sa)");

(2) an encrypted software key/execution number
E(Ra,(Ka,nA)) that is produced by encrypting a combination
of the software key Ka and the remaining number of possible
executions nA for the software program Sa using an exclusive
supplementary key Ra for the software program Sa; and

(3) an encrypted supplementary key E(R,Ra) produced 
by encrypting the supplementary key Ra using a random number 
R. 

In the same way, the recording medium 300 stores the
following information relating to the software program Sb:

(1) an encrypted copy E(Kb,Sb);

(2) an encrypted software key/execution number
E(Rb,(Kb,nB)); and

(3) an encrypted supplementary key E(R,Rb).

The notation E(y,x) used in this specification
indicates that the information x has been encrypted using
the information y as the encryption key. While the present
example shows the case where the recording medium 300 only
records the two software programs Sa and Sb, it is customary
for three or more programs to be recorded with the
information described above relating to their execution.

As shown in FIG. 1, the part of the executing
apparatus 400 that handles the execution of software
includes the following functional components 401-408. A
random number storing unit 401 stores a random number in
a manner that prevents its stored content being read or
changed from outside the apparatus. A first decrypting
unit 402 decrypts an encrypted supplementary key (e.g.,
E(R,Ra)) stored on the recording medium 300 using the random
number R stored in the random number storing unit 401. A
second decrypting unit 403 decrypts an encrypted software
key/execution number (e.g., E(Ra,(Ka,nA))) stored on the
recording medium 300 using the supplementary key decrypted
by the first decrypting unit 402. A third decrypting unit
404 decrypts the encrypted software (e.g., E(Ka,Sa)) using
the software key decrypted by the second decrypting unit
403. A software executing unit 405 executes the software
program decrypted by the third decrypting unit 404. An
execution number examining unit 406 examines the
(remaining) execution number decrypted by the second
decrypting unit 403 when a software program is to be
executed and informs the software executing unit 405
whether or not execution is permitted for the software
program. An execution number updating unit 407 updates
the execution number in accordance with executions of the
software program. A first encrypting unit 408 encrypts
the software key decrypted by the second decrypting unit
403 and the execution number updated by the execution
number updating unit 407 using the supplementary key
decrypted by the first decrypting unit 402 and updates the
encrypted software key/execution number on the recording
medium 300.

As shown in FIG. 2, the part of the executing
apparatus 400 that handles the updating of the encrypted
supplementary key includes a fourth decrypting unit 411,
a random number updating unit 412, and a second encrypting
unit 413. The fourth decrypting unit 411 decrypts the
encrypted supplementary key of every software program on
the recording medium 300 using the random number stored
in the random number storing unit 401. The random number
updating unit 412 updates the random number stored in the
random number storing unit 401. The second encrypting
unit 413 encrypts every supplementary key that has been
decrypted by the fourth decrypting unit 411 using the
random number that has been updated by the random number
updating unit 412, and updates the encrypted supplementary
key of each software program on the recording medium 300.

The executing apparatus 400 shown in FIGS. 1 and 2
uses the procedure described below to execute software
programs stored on the recording medium 300 and update the
execution numbers of the executed programs. This
procedure is called the "software execution procedure".
In addition, the executing apparatus 400 updates the
encrypted supplementary keys on the recording medium 300
in accordance with the execution of programs. This is
achieved by updating the random number used for the
encrypting and then replacing the encrypted supplementary
keys using this updated random number. This procedure is
called the "encrypted supplementary key updating
procedure".

FIG. 3 is a flowchart showing the software execution
procedure performed by the executing apparatus 400, while
FIG. 4 is a flowchart showing the encrypted supplementary
key updating procedure performed by the executing
apparatus 400. The illustrated example focuses on the
case where the software program Sa is executed, though the
same procedures will be used when the software program Sb
is executed.

As shown in FIG. 3, the software execution procedure
starts with the executing apparatus 400 obtaining the
information relating to the software program Sa (which has
been indicated by a user) from the recording medium 300
(S301). This information is the encrypted supplementary
key E(R,Ra), the encrypted software key/execution number
E(Ra,(Ka,nA)), and the encrypted software E(Ka,Sa). The
first decrypting unit 402 then decrypts the encrypted
supplementary key E(R,Ra) using the random number R stored
in the random number storing unit 401 to obtain the
supplementary key Ra (S302). The second decrypting unit
403 decrypts the encrypted software key/execution number
E(Ra,(Ka,nA)) using this supplementary key Ra to obtain the
software key Ka and the execution number nA (S303). The
third decrypting unit 404 then decrypts the encrypted
software E(Ka,Sa) to obtain the software program Sa (S304).

After this, the execution number examining unit 406
examines whether the execution number nA obtained in S303
is at least one (S305). If not (S305:No), the procedure
ends with the execution number examining unit 406 informing
the software executing unit 405 that execution of the
software program Sa is not permitted. If the execution
number nA obtained in S303 is one or greater (S305:Yes),
the execution number examining unit 406 informs the
software executing unit 405 that execution of the software
program Sa is permitted, so that the software executing
unit 405 executes the software program Sa (S306).

Once the software program Sa has been executed, the
execution number updating unit 407 updates the execution
number nA to nA* found by subtracting one from the current
value (i.e., nA* = (nA-1)) (S307). The first encrypting unit
408 encrypts a combination of this updated execution number
nA* and the software key Ka that was obtained in S302 using
the supplementary key Ra (S308). The encrypted software
key/execution number E(Ra,(Ka,nA*)) produced by the first
encrypting unit 408 is then written onto the recording
medium 300 in place of the encrypted software key/execution
number E(Ra,(Ka,nA)) (S309). This completes the software
execution procedure.

As shown in FIG. 4, the encrypted supplementary key
updating procedure starts with all of the encrypted
supplementary keys on the recording medium 300 (in this
case, the encrypted supplementary keys E(R,Ra) and E(R,Rb))
being obtained (S401). The fourth decrypting unit 411
decrypts these encrypted supplementary keys E(R,Ra) and
E(R,Rb) using the random number R stored in the random
number storing unit 401 to obtain the supplementary keys
Ra and Rb (S402).

Next, the random number updating unit 412 updates the
random number R in the random number storing unit 401 using
the random number R' (S403). The second encrypting unit
413 then encrypts the supplementary keys Ra and Rb obtained
in S402 using the new random number R' (S404). These
encrypted supplementary keys E(R',Ra) and E(R',Rb) are
then stored on the recording medium 300 in place of the
encrypted supplementary keys E(R,Ra) and E(R,Rb) (S405).
This completes the encrypted supplementary key updating
procedure.

In this conventional software executing system, the
software key and the execution number are stored on the
recording medium in an encrypted form. This prevents
users from editing the content of this data and so prevents
the software programs from being used illegally.




In particular, the above procedure has an updated
random number stored in the executing apparatus 400 and
on the recording medium 300 whenever a software program
is executed. As one example, even if all the information
on the recording medium 300 is copied, the copied recording
medium 300 cannot be executed on any executing apparatus
aside from the executing apparatus 400. Also, if a user
somehow stopped the executing apparatus 400 writing (i.e.,
updating) information on the recording medium 300, the
executing apparatus 400 would thereafter not be able to
use the recording medium 300. This means that this
conventional software executing system is capable of
preventing users from making certain illegal uses of
software.

The above software executing system is however
incapable of preventing users from illegally using
software by backing up and later restoring part of the
information on the recording medium 300. Users can back
up an encrypted software key/execution number of a program
recorded on the recording medium 300, execute the program
a number of times, and then restore the backed-up copy of
the encrypted software key/execution number. Execution
of the software will thereafter be permitted according to
this restored software key/execution number, so that users
will be able to execute the software program in excess of
the permitted number of executions.

The following is a detailed description of the
illegal use of software in the above software executing
system. FIG. 5 shows a specific example of the processing 
by the executing apparatus 400 and the changes in the data 
on the recording medium 300 that accompany the execution 
of the software program Sa in the above software executing 
system. FIG. 6 is a first drawing showing illegal usage 
of a conventional software execution system, while FIG. 
7 is a second drawing showing illegal usage. 

In the example in FIG. 5, the value "09185501" (in
base 10) is used as supplementary key Ra, the value
"11119442" is used as the software key Ka, the value
"02834370" as the random number R, and the value "97477116"
as the random number R'. These supplementary keys,
software keys and random numbers are used as decryption
and encryption keys by the respective decrypting units and
encrypting units when performing predetermined decryption
and encryption algorithms.

In this conventional software executing system, the
execution of the software program Sa is accompanied by the
execution number updating unit 407 updating the execution
number nA (=5) to the updated execution number nA* (=4). The
first encrypting unit 408 encrypts this updated execution
number nA* along with the software key Ka using the
supplementary key Ra and stores the result on the recording
medium 300, so that the encrypted software key/execution
number E(Ra,(Ka,nA)) on the recording medium 300 is replaced
with the encrypted software key/execution number 




When the software program Sa is executed, the random
number updating unit 412 updates the random number R to
the random number R'. This updated random number R' is
then used to encrypt the supplementary key Ra and the result
is stored on the recording medium 300. As a result, the
encrypted supplementary key E(R,Ra) is replaced with the
encrypted supplementary key E(R',Ra).

As shown in FIG. 6, the software execution procedure
described above (FIG. 3) updates the encrypted software
key/execution number and the encrypted supplementary key
updating procedure (FIG. 4) updates the encrypted
supplementary keys.

When the software program Sa is executed for the first
time, the software execution procedure updates the
encrypted software key/execution number to E(Ra,(Ka,nA1)),
where nA1=nA0-1 (see columns (a) and (b) in FIG. 6), while
the encrypted supplementary key updating procedure updates
the encrypted supplementary key from E(R0,Ra) to E(R1,Ra),
where R1≠R0. Here, assume that the encrypted software
key/execution number E(Ra,(Ka,nA1)) is recorded ("backed
up") by a given information recording apparatus (see
columns (b) and (c) in FIG. 6).

As shown in FIG. 7, when the software program Sa is
executed for a kth time (the software program Sa having
already been executed k-2 times where k is an integer that
is two or greater), the software execution procedure
updates the encrypted software key/execution number from
E(Ra,(Ka,nA(k-1))) where nA(k-1)=nA0-k+1 to E(Ra,(Ka,nAk)) where
nAk=nA0-k (see columns (a) and (b) in FIG. 7).
The encrypted supplementary key updating procedure updates
the encrypted supplementary key from E(Rk-1,Ra) to E(Rk,Ra),
where Rk-1≠R0, R1, ..., Rk-2 and Rk≠R0, R1, ..., Rk-1 (see columns
(b) and (c) in FIG. 7).

Assume that after the software program Sa has been
executed for the kth time, the user restores the backed-up
encrypted software key/execution number E(Ra,(Ka,nA1))
onto the recording medium 300 (see column (d) in FIG. 7).
An executing apparatus 400 with the construction and
operation shown in FIGS. 1 to 4 will end up executing the
software program Sa in accordance with the illegally
restored encrypted software key/execution number
E(Ra,(Ka,nA1)), resulting in the user executing the
software program Sa more than the permitted number of times.
By repeating this restoring of the encrypted software
key/execution number E(Ra,(Ka,nA1)), the user can
completely invalidate the setting of the execution number
and can execute software on the recording medium as many
times as he or she likes.

SUMMARY OF THE INVENTION 

In view of the problems with the conventional art,
it is a first object of the present invention to provide
a data usage controlling system that prevents users from
illegally using main data by backing up condition
information, such as limitations on the usage of the main
data, and then restoring the backed-up copy of the
condition information after making several uses of the main
data.

The data usage controlling system of the present 
invention (1) reads (a) main data, (b) a type 2 key that 
has been encrypted using a type 1 key, and (c) condition 
information that has been encrypted using the type 2 key 
from a recording medium. The data usage controlling 
system also reads the type 1 key from a predetermined 
storage unit, decrypts the condition information using the 
type 2 key, and subsequently controls usage of the main 
data read from the recording medium in accordance with the 
decrypted condition information. 

In accordance with the usage of the main data, the 
data usage controlling system updates the condition 
information, generates a new type 2 key, updates the stored 
type 1 key, encrypts the condition information using the 
newly generated type 2 key, and replaces the encrypted type 
2 key on the recording medium. The data usage controlling
system also encrypts the newly generated type 2 key using 
the updated type 1 key and replaces the encrypted type 2 
key on the recording medium. 

If the user backs up the condition information
(including the execution number) on a certain information
recording apparatus and restores the backed-up copy after
making several uses of the main data, the supplementary
key that was used to encrypt the restored condition
information will differ from the supplementary key stored
on the recording medium, so that the present data usage
controlling system is capable of preventing users from
making conventionally possible illegal operations in which
main data is made usable by changing the originally set
condition information by restoring a backed-up copy of the
condition information.
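
The difference between the conventional system (the condition record stays under the same supplementary key Ra) and the system summarized above (a new type 2 key is generated on every use) can be checked with the following Python model. It is an added example, not code from the patent: the cipher E/D (a SHA-256 keystream with an HMAC tag), the JSON condition record, the single-item medium and the names ExecutingApparatus and count_uses are assumptions made for illustration.

```python
import hashlib
import hmac
import json
import os


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    # Toy keystream: SHA-256 in counter mode (stand-in for the unspecified cipher).
    blocks = (hashlib.sha256(b"enc" + key + nonce + i.to_bytes(4, "big")).digest()
              for i in range(length // 32 + 1))
    return b"".join(blocks)[:length]


def E(key: bytes, data: bytes) -> bytes:
    """E(y, x) in the page's notation: x encrypted under key y, with a MAC tag."""
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(data, _keystream(key, nonce, len(data))))
    tag = hmac.new(b"mac" + key, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def D(key: bytes, blob: bytes) -> bytes:
    """Inverse of E; raises ValueError if blob was not produced under key."""
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(b"mac" + key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("record was not encrypted under the current key")
    return bytes(a ^ b for a, b in zip(ct, _keystream(key, nonce, len(ct))))


class ExecutingApparatus:
    """Holds the type 1 key R internally; the medium is a plain dict (assumption)."""

    def __init__(self, medium: dict, uses: int, rotate_type2_key: bool):
        self.rotate = rotate_type2_key
        self._R = os.urandom(16)              # type 1 key (random number R)
        Ra = os.urandom(16)                   # type 2 key (supplementary key Ra)
        medium["E(R,Ra)"] = E(self._R, Ra)
        medium["E(Ra,Ia)"] = E(Ra, json.dumps({"remaining": uses}).encode())

    def use(self, medium: dict) -> bool:
        try:
            Ra = D(self._R, medium["E(R,Ra)"])
            cond = json.loads(D(Ra, medium["E(Ra,Ia)"]))
        except ValueError:
            return False                      # record does not match current keys
        if cond["remaining"] < 1:
            return False                      # usage condition not satisfied
        cond["remaining"] -= 1
        if self.rotate:
            Ra = os.urandom(16)               # new type 2 key on every use
        medium["E(Ra,Ia)"] = E(Ra, json.dumps(cond).encode())
        self._R = os.urandom(16)              # type 1 key is updated in both designs
        medium["E(R,Ra)"] = E(self._R, Ra)
        return True


def count_uses(rotate_type2_key: bool, permitted: int = 3, restores: int = 5) -> int:
    """Total successful uses when the condition record is backed up after the
    first use and written back `restores` times once the count is exhausted."""
    medium = {}
    dev = ExecutingApparatus(medium, permitted, rotate_type2_key)
    done = int(dev.use(medium))               # first use
    backup = medium["E(Ra,Ia)"]               # copy of the encrypted condition record
    while dev.use(medium):                    # consume the remaining permitted uses
        done += 1
    for _ in range(restores):
        medium["E(Ra,Ia)"] = backup           # restore the backed-up record
        done += int(dev.use(medium))
    return done


if __name__ == "__main__":
    print("fixed type 2 key   :", count_uses(rotate_type2_key=False), "uses")
    print("rotated type 2 key :", count_uses(rotate_type2_key=True), "uses")
```

With three permitted uses and five restores, the fixed-key model grants eight uses, while the rotating-key model stops at three because the restored record no longer decrypts under the supplementary key currently wrapped on the medium.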

Another data usage controlling apparatus of the
present invention reads (a) main data, (b) a type 2 key
that has been encrypted using a type 1 key, and (c)
condition information that has been encrypted using the
type 2 key from a recording medium storing n (where n is
an integer no less than two) sets of main data, a type 2
key, and condition information. The data usage
controlling system also reads the type 1 key from a
predetermined storage unit, decrypts the condition
information using the type 2 key, and controls usage of
the read main data in accordance with the decrypted
condition information.

This data usage controlling apparatus generates a new
type 2 key in accordance with usage of the main data,
encrypts the decrypted condition information using the new
type 2 key and replaces the encrypted condition information
on the recording medium with the newly encrypted condition
information. The data usage controlling apparatus also
decrypts all (n-1) encrypted type 2 keys on the recording
medium that are not the updated type 2 key using the type
1 key, updates the type 1 key after all (n-1) encrypted
type 2 keys have been decrypted, encrypts all n type 2 keys
using the updated type 1 key, and replaces all n encrypted
type 2 keys on the recording medium with the newly encrypted
type 2 keys.

As a result, the type 2 keys that are used to encrypt 
the condition information are updated in accordance with 
the usage of the main data, thereby achieving greater 
protection against the copying and alteration of the 
condition information than was conventionally possible. 
This means that the illegal usage of the main data through 
the alteration of the initially set condition information 
(such as an expiry date, number of executions, or specified 
region of use) is prevented for a recording medium storing 
a plurality of sets of main data.

Here, the data usage controlling system may update
the decrypted condition information in accordance with the
use of the main data, encrypt this new condition
information using the newly generated type 2 key, and use
the resulting encrypted condition information to replace
the encrypted condition information on the recording
medium.

As a result, the present data usage controlling
system is capable of preventing the conventionally
possible illegal usage of main data on a recording medium,
which stores a plurality of sets of main data, wherein a
user restores a backed-up copy of the condition
information.

BRIEF DESCRIPTION OF THE DRAWINGS

These and other objects, advantages and features of
the invention will become apparent from the following
description taken in conjunction with the accompanying
drawings which illustrate a specific embodiment of the
invention. In the drawings:

FIG. 1 is a first block diagram showing the
composition of a recording medium 300 and an executing
apparatus 400 included in a conventional software
executing system;

FIG. 2 is a second block diagram showing the
compositions of the recording medium 300 and the executing
apparatus 400 included in a conventional software
executing system;

FIG. 3 is a flowchart showing the software execution
procedure performed by the executing apparatus 400;

FIG. 4 is a flowchart showing the encrypted
supplementary key updating procedure performed by the
executing apparatus 400;

FIG. 5 shows a specific example of the processing by
the executing apparatus 400 and the changes in the data
on the recording medium 300 that accompany the execution
of the software program Sa in this conventional software
executing system;

FIG. 6 is a first drawing showing illegal usage of
the software program Sa in this conventional software
execution system;

FIG. 7 is a second drawing showing illegal usage of
the software program Sa;

FIG. 8 is a first block diagram showing a recording
medium 100 and an executing apparatus 200 in a digital
content usage controlling system that is one embodiment
of the present invention;

FIG. 9 is a second block diagram showing the recording
medium 100 and the executing apparatus 200 in this digital
content usage controlling system;

FIG. 10 is a flowchart showing the digital content
using procedure performed by the executing apparatus 200;

FIG. 11 is a flowchart showing the encrypted
supplementary key updating procedure performed by the
executing apparatus 200;

FIG. 12 shows a specific example of the processing
of the executing apparatus 200 and the resulting changes
to the data on the recording medium 100 that occur when
the digital content Ma is used by the present digital
content usage controlling system;

FIG. 13 is a first drawing that is used to explain
how the present digital content usage controlling system
prevents the illegal usage of digital contents; and

FIG. 14 is a second drawing that will be used to
explain how the present digital content usage controlling
system prevents the illegal usage of digital contents.



DESCRIPTION OF THE PREFERRED EMBODIMENT

The following describes a digital content usage
controlling apparatus that is an embodiment of the present
invention, with reference to the attached drawings.

FIG. 8 is a first block diagram showing a recording
medium 100 and an executing apparatus 200 in a digital
content usage controlling system that is one embodiment
of the present invention, while FIG. 9 is a second block
diagram showing the recording medium 100 and the executing
apparatus 200 in this digital content usage controlling
system.

Like the software executing system described in the
related art, the executing apparatus 200 of the present
digital content usage controlling system is described as
being divided into a part, shown in FIG. 8, that is involved
in the usage of digital content and a part, shown in FIG.
9, that is involved in the updating of the encrypted
supplementary keys on the recording medium. It should be
remembered, however, that both these parts are included
in the same apparatus.

As shown in FIG. 8, the present digital content usage
controlling system includes a recording medium 100 and an
executing apparatus 200. The recording medium 100 is a
hard-disk drive (HDD) or the like, and stores a number of
digital contents that can be digitized images, audio or
the like. The executing apparatus 200 is composed of
typical computer components, such as a CPU, a RAM, a ROM,
an HDD etc., and selectively uses (here, reproduces) one
digital content at a time in accordance with a user's
instruction. Note that the separate operational units
shown in FIGS. 8 and 9 can be achieved in part or in whole
by software.

In more detail, the recording medium 100 stores the
following information for the digital content Ma:

(1) an encrypted copy E(SK,Ma) produced by encrypting
the digital content Ma using the key SK that is unique to
the executing apparatus 200 (the copy hereafter being
referred to as the "encrypted digital content E(SK,Ma)");

(2) encrypted usage conditions E(Ra,Ia) produced by
encrypting the usage conditions Ia of the digital content
Ma using a supplementary key Ra that is unique to the digital
content Ma; and

(3) an encrypted supplementary key E(R,Ra) produced
by encrypting the supplementary key Ra using a random number
R.

The recording medium 100 similarly stores the
following information for the digital content Mb:

(1) an encrypted copy E(SK,Mb);

(2) encrypted usage conditions E(Rb,Ib); and

(3) an encrypted supplementary key E(R,Rb).

The usage conditions Ia and Ib are each composed of
information limiting the usage of the digital contents Ma
and Mb, such as an expiry date, a permitted number of
executions, and/or a region of use. The digital contents
Ma and Mb are therefore reproduced in accordance with these
usage conditions Ia and Ib.

The part of the executing apparatus 200 that relates
to the usage (e.g., reproduction) of digital contents
includes the following functional components. A random
number storing unit 201 stores a random number in a manner
that prevents its stored content being read or changed from
outside the executing apparatus 200. This random number
storing unit 201 can be composed of a circuit that does
not have an interface allowing access from outside the
executing apparatus 200. A first decrypting unit 202
decrypts an encrypted supplementary key stored on the
recording medium 100 using the random number stored in the
random number storing unit 201 to obtain a supplementary
key. A second decrypting unit 203 decrypts the encrypted
usage conditions on the recording medium 100 using the
supplementary key obtained by the first decrypting unit
202 to obtain the usage conditions. A unique key storing
unit 209 stores the unique key SK in a manner which prevents
the unique key from being read or written from outside the
executing apparatus 200. A third decrypting unit 204
decrypts an encrypted digital content using the unique key
stored in the unique key storing unit 209 to obtain a
digital content. A digital content using unit 205 uses
the digital content ("using" meaning "reproducing" in the
case of audio or image information) decrypted by the third
decrypting unit 204. A usage condition examining unit 206
examines the usage conditions decrypted by the second
decrypting unit 203 when a digital content is to be used,
judges whether the usage of the digital content is
permitted, and informs the third decrypting unit 204
whether or not decrypting is permitted for the digital
content. A usage condition updating unit 207 updates the
usage conditions, such as the remaining number of permitted
executions, in accordance with the usage of digital
contents. A supplementary key generating unit 210
generates a new supplementary key in accordance with the
usage of digital contents. A first encrypting unit 208
uses the supplementary key generated by the supplementary
key generating unit 210 to encrypt the usage conditions,
which have been updated by the usage condition updating
unit 207, and so updates the encrypted usage conditions
on the recording medium 100.

As shown in FIG. 9, the part of the executing
apparatus 200 that relates to the updating of the encrypted
supplementary key includes the following functional
components. A fourth decrypting unit 211 decrypts the
encrypted supplementary key of each digital content stored
on the recording medium 100 using the random number stored
in the random number storing unit 201, and so obtains the
supplementary key of each digital content. A random
number updating unit 212 updates the random number stored
in the random number storing unit 201. A second encrypting
unit 213 uses the random number updated by the random number
updating unit 212 to encrypt the supplementary key (Ra*
in FIG. 9) generated by the supplementary key generating
unit 210 and the supplementary keys (here, Rb) of all
digital contents on the recording medium 100 except for
the digital content that has just been used, before storing
the encrypted supplementary keys onto the recording medium
100 to update the encrypted supplementary key of each
digital content.

Like the executing apparatus 400 described in the
related art, this executing apparatus 200 with the
construction shown in FIGS. 8 and 9 performs a digital
content using procedure to selectively use a digital
content and update the usage conditions on the recording
medium 100 and an encrypted supplementary key updating
procedure to update the encrypted supplementary keys on
the recording medium 100 at an appropriate timing.

FIG. 10 is a flowchart showing the digital content
using procedure performed by the executing apparatus 200,
while FIG. 11 is a flowchart showing the encrypted
supplementary key updating procedure performed by the
executing apparatus 200. The illustrated example is for
the case where the user has already selected the digital
content on the recording medium 100 for reproduction,
although the same procedure is used when the digital
content Mb is selected.

As shown in FIG. 10, the digital content using
procedure starts with the information relating to the digital
content Ma (i.e., the encrypted supplementary key E(R,Ra),
the encrypted usage conditions E(Ra,Ia), and the encrypted
digital content E(SK,Ma)) being obtained from the
recording medium 100 (S101). Next, the first decrypting
unit 202 decrypts the encrypted supplementary key E(R,Ra)
using the random number R stored in the random number
storing unit 201 to obtain the supplementary key Ra (S102).
The second decrypting unit 203 then decrypts the encrypted
usage conditions E(Ra,Ia) using this supplementary key Ra
to obtain the usage conditions Ia (S103).

Next, the usage condition examining unit 206 examines
the usage conditions Ia obtained in S103 to see if the
limitations regarding the expiry date, number of uses, and
region of use etc. are satisfied (S104).

If the usage conditions Ia are not satisfied (S104:No),
the usage condition examining unit 206 informs the third
decrypting unit 204 that the digital content Ma cannot be
used, thereby completing the digital content using
procedure.

If the usage conditions Ia are satisfied (S104:Yes),
the usage condition examining unit 206 informs the third
decrypting unit 204 that the digital content Ma can be used.
The third decrypting unit 204 starts to decrypt the
encrypted digital content E(SK,Ma) using the unique key
SK stored in the unique key storing unit 209 and the digital
content using unit 205 starts to use the digital content
Ma that is being decrypted (S105). In this case, the
digital content Ma is digitized music, so that "using" the
digital content Ma means reproducing the music represented
by the digital content Ma.

This usage of the digital content Ma is accompanied
by the usage condition updating unit 207 reducing the
execution number by one to update the usage conditions Ia
to the usage conditions Ia' (S106). The supplementary key
generating unit 210 generates a new supplementary key Ra'
that differs from the supplementary key Ra that was used
by the second decrypting unit 203 (S107).

The first encrypting unit 208 encrypts the usage
conditions Ia' produced in S106 using the supplementary
key Ra' generated in S107 to produce the encrypted
usage conditions E(Ra',Ia') and stores this onto the
recording medium 100 to update the encrypted usage
conditions (S108). This completes the digital content
using procedure.

As shown in FIG. 11, the encrypted supplementary key
updating procedure begins with the executing apparatus 200
obtaining an encrypted supplementary key of each digital
content on the recording medium 100 (in this case the
encrypted supplementary keys E(R,Ra) and E(R,Rb)) (S201).
The fourth decrypting unit 211 then decrypts each of these
encrypted supplementary keys E(R,Ra) and E(R,Rb) using the
random number R stored in the random number storing unit
201 to obtain the supplementary keys Ra and Rb (S202).

Next, the random number updating unit 212 updates the
random number R in the random number storing unit 201 to
the random number R' (S203). Of the supplementary keys
Ra and Rb obtained in S202, the supplementary key Ra that
was used to decrypt the usage conditions of the digital
content Ma is replaced with the supplementary key Ra'
generated in S107 (S204). The second encrypting unit 213
encrypts the supplementary keys Ra' and Rb using the random
number R' that was updated in step S203 (S205), and the
resulting encrypted supplementary keys E(R',Ra') and
E(R',Rb) are recorded on the recording medium 100 in place
of the encrypted supplementary keys E(R,Ra) and E(R,Rb)
(S206). This completes the encrypted supplementary key
updating procedure.

In this digital content usage controlling system, 
each supplementary key is stored on the recording medium 
having been encrypted using a random number, the usage 
conditions are stored having been encrypted using a 
supplementary key, and the digital contents are stored 
having been encrypted using a unique key. This stored 
information cannot be edited and illegal usage of the 
digital content is prevented. 

The procedures described above result in an updated
random number being stored in the executing apparatus 200
and on the recording medium 100 every time a digital content
is executed. If a user were to copy all of the information
on the recording medium 100, it would not be possible to
use the copied recording medium on any executing apparatus
apart from the executing apparatus 200. Alternatively,
if the user somehow prevented the executing apparatus 200
from updating the information on the recording medium 100,
the executing apparatus would not be able to use the
recording medium 100 thereafter. This means that the
present digital content usage controlling system is
capable of preventing certain illegal usage of digital
content in the same way as the software executing system
described in the related art.

Like the software executing system described in the
related art section, the execution apparatus in the present
digital content usage controlling system stores only one
random number for a number of digital contents on the
recording medium. This reduces the size of the
inaccessible storage area in the executing apparatus when
compared to the case where a different random number
(encryption key) is used for each of a number of digital
contents, and in turn reduces the cost of manufacturing
a device capable of stopping certain illegal uses of
a digital content.

Unlike the system described in the related art, the
present digital content usage controlling system is also
capable of preventing the illegal usage of the main data
(i.e., digital contents) stored on the recording medium
that was described using FIGS. 5 to 7. This illegal usage
is the case where a user changes the stored content of the
recording medium after several uses of a digital content
by restoring a backed-up copy of the usage conditions made
previously. This illegal operation would normally enable
the user to use the digital content in excess of the
permitted number of operations. The following describes
how the present digital content usage controlling system
stops such illegal operations, with reference to FIGS. 12
to 14, which correspond to FIGS. 5 to 7.

FIG. 12 shows a specific example of the processing
of the executing apparatus 200 and the resulting changes
to the data on the recording medium 100 that occur when
the digital content Ma is used by the present digital
content usage controlling system. FIG. 13 is a first
drawing and FIG. 14 is a second drawing that will be used
to explain how the present digital content usage
controlling system prevents the illegal usage of digital
contents.

In the example shown in FIG. 12, the supplementary
key Ra is assumed to be "05142578" (in base 10), the
supplementary key Ra' is assumed to be "10558190", the
random number R is assumed to be "09326166", and the random
number R' is assumed to be "07343820". The various
decrypting (and encrypting) units use these supplementary
keys and random numbers as decryption (encryption) keys
when performing predetermined encryption (or decryption)
algorithms. As an actual example, the encryption keys may
be used in block encryption such as DES (Data Encryption
Standard).

In the present digital content usage controlling
system, the usage of a digital content Ma is accompanied
in particular by the following operations. The usage
condition updating unit 207 updates the usage number in
the usage conditions Ia from I2a (=8) to I2a' (=7). The
supplementary key generating unit 210 generates a
supplementary key Ra' that differs from the supplementary key
Ra which was read from the recording medium 100 and
decrypted. The first encrypting unit 208 encrypts the
usage conditions Ia' including the updated usage number
I2a' using the generated supplementary key Ra' and stores
the result on the recording medium 100, so that the
encrypted usage conditions E(Ra,Ia) on the recording medium
100 are updated to the encrypted usage conditions
E(Ra',Ia'). In accordance with the usage of the digital
content Ma, the random number updating unit 212 updates
the random number R to R'. The second encrypting unit 213
encrypts the generated supplementary key Ra' using this
updated random number R' and the result is stored on the
recording medium 100 so that the encrypted supplementary
key E(R,Ra) on the recording medium 100 is updated to
E(R',Ra').

As shown in FIG. 13, the encrypted usage conditions
are updated by the digital content using procedure (shown
in FIG. 10), while the encrypted supplementary keys are
updated by the encrypted supplementary key updating
procedure (shown in FIG. 11).

When the digital content Ma is used for the first time,
the digital content using procedure updates the encrypted
usage conditions E(Ra_0,Ia_0), where the usage conditions Ia_0
include the usage number I2a_0, to the encrypted usage
conditions E(Ra_1,Ia_1), where the usage conditions Ia_1
include the usage number I2a_1 (where I2a_1 = I2a_0 - 1) (see
columns (a) and (b) in FIG. 13). The encrypted
supplementary key updating procedure then updates the
encrypted supplementary key from E(R_0,Ra_0) to E(R_1,Ra_1),
where R_1≠R_0 and Ra_1≠Ra_0. Assume here that the encrypted
usage conditions E(Ra_1,Ia_1) at this point are backed up by
a certain information storage device (see columns (b) and
(c) in FIG. 13).

As shown in FIG. 14, when the digital content Ma is
used for the k-th time (where k is an integer of 2 or more
and the preceding uses of the digital content Ma are
performed properly), the digital content using procedure
updates the encrypted usage conditions E(Ra_(k-1),Ia_(k-1)),
where the usage conditions Ia_(k-1) include the usage number
I2a_(k-1) (= I2a_0 - k + 1), to the encrypted usage conditions
E(Ra_k,Ia_k), where the usage conditions Ia_k include the usage
number I2a_k (= I2a_0 - k) (see columns (a) and (b) in FIG. 14).
The encrypted supplementary key updating procedure
updates the encrypted supplementary key from E(R_(k-1),Ra_(k-1)),
where R_(k-1) ≠ R_0, R_1, ..., R_(k-2) and
Ra_(k-1) ≠ Ra_0, Ra_1, ..., Ra_(k-2), to E(R_k,Ra_k),
where R_k ≠ R_0, R_1, ..., R_(k-1) and
Ra_k ≠ Ra_0, Ra_1, ..., Ra_(k-1)
(see columns (b) and (c) in FIG. 14).

Even if the user restores the backed-up copy of the
encrypted usage conditions E(Ra_1,Ia_1) onto the recording
medium 100 after the digital content Ma has been used for
the k-th time (see column (d) in FIG. 14), the supplementary
key Ra_1 that was used to encrypt the usage conditions
E(Ra_1,Ia_1) will differ from the supplementary key Ra_k that
is stored on the recording medium 100 as encrypted
supplementary key E(R_k,Ra_k). In this case, the executing
apparatus 200 will judge that the encrypted usage
conditions E(Ra_1,Ia_1) and the encrypted supplementary key
E(R_k,Ra_k) for the encrypted digital content E(SK,Ma) are
invalid.

In other words, the executing apparatus 200 is
capable of preventing illegal uses being made in excess
of the original permitted number of uses. Such illegal
operations are conventionally possible by using a digital
content on a recording medium a number of times and then
restoring a backed-up copy of the usage information of the
digital content onto the recording medium.

Even if the user backs up both the encrypted usage
conditions and the encrypted supplementary key and then
restores this information after making several uses of a
digital content, the random number used to encrypt the
supplementary key will have been updated every time the
digital content was used. This means that it will not be
possible to use the digital content more than the original
set number of uses, such as that given in the usage
conditions.
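The two procedures of FIGS. 10 and 11 and the two restore attempts discussed above can be followed in the added Python example below, which is not part of the patent text. Its assumptions: the cipher is a stand-in (a SHAKE-256 keystream with an HMAC tag, so that a wrong key is detected, rather than DES), the record layout, the `provision` helper and the result strings are hypothetical, and all supplementary keys are decrypted up front rather than only the selected one.

```python
import copy, hashlib, hmac, json, secrets

def E(key, data):
    # Stand-in cipher (assumption, not the patent's DES): keystream XOR + HMAC tag.
    nonce = secrets.token_bytes(8)
    ks = hashlib.shake_256(key + nonce).digest(len(data))
    ct = bytes(a ^ b for a, b in zip(data, ks))
    return nonce + ct + hmac.digest(key, nonce + ct, "sha256")

def D(key, blob):
    nonce, ct, tag = blob[:8], blob[8:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.digest(key, nonce + ct, "sha256")):
        raise ValueError("record does not match key")
    ks = hashlib.shake_256(key + nonce).digest(len(ct))
    return bytes(a ^ b for a, b in zip(ct, ks))

class Apparatus:
    def __init__(self):
        self.R = secrets.token_bytes(16)        # random number R (unit 201)

    def provision(self, medium, name, uses):    # hypothetical setup helper
        Ra = secrets.token_bytes(16)
        cond = json.dumps({"uses": uses}).encode()
        medium[name] = {"key": E(self.R, Ra), "cond": E(Ra, cond)}

    def use(self, medium, name):
        try:
            keys = {n: D(self.R, r["key"]) for n, r in medium.items()}  # S102/S202
            Ia = json.loads(D(keys[name], medium[name]["cond"]))        # S103
        except ValueError:
            return "invalid"                    # judged invalid, nothing is updated
        if Ia["uses"] <= 0:                     # S104
            return "denied"
        Ia["uses"] -= 1                         # S106
        keys[name] = secrets.token_bytes(16)    # S107/S204: fresh Ra'
        medium[name]["cond"] = E(keys[name], json.dumps(Ia).encode())   # S108
        self.R = secrets.token_bytes(16)        # S203: R -> R'
        for n, r in medium.items():             # S205-S206: re-wrap every key
            r["key"] = E(self.R, keys[n])
        return "played"

def rollback_demo():
    dev, medium = Apparatus(), {}
    dev.provision(medium, "Ma", 3)
    dev.provision(medium, "Mb", 5)
    out = [dev.use(medium, "Ma")]               # first use: 3 -> 2 uses left
    backup = copy.deepcopy(medium["Ma"])        # copy of E(R1,Ra1) and E(Ra1,Ia1)
    out.append(dev.use(medium, "Ma"))           # second use: 2 -> 1
    forged = copy.deepcopy(medium)
    forged["Ma"]["cond"] = backup["cond"]       # restore usage conditions only
    out.append(dev.use(forged, "Ma"))
    forged["Ma"] = backup                       # restore conditions and key
    out.append(dev.use(forged, "Ma"))
    return out + [dev.use(medium, "Ma"), dev.use(medium, "Ma")]  # honest medium
```

`rollback_demo()` returns the outcome of each attempt in order: two normal uses, the two restore attempts, then the untouched medium being used until its count runs out.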

Note that while the present digital content usage
controlling system generates a supplementary key every
time a digital content is used, a supplementary key may
be generated every time a predetermined number of uses have
been made of a digital content. The effectiveness of such
a system can be increased if this predetermined number is
kept secret from users.

In the above digital content usage controlling system,
the recording medium is assumed to be a hard disk drive
(HDD), a memory card, a DVD-RAM disc or the like, with the
above explanation describing the case where all of the
mentioned information is recorded on a single recording
medium. However, the digital content may be recorded on
a first medium (such as a CD-ROM) that is read-only and
the encrypted supplementary key and encrypted usage
conditions may be stored on a second medium (such as an
HDD) that is rewritable.

Part or all of the information can be managed by an
information managing apparatus and then obtained from the
information managing apparatus by an executing apparatus
when necessary. As a particular example, a digital
content may be encrypted using a predetermined encryption
key which the executing apparatus obtains from the
information managing apparatus when using the digital
content to enable the executing apparatus to decrypt the
digital content.

The above digital content usage controlling system
describes the case where the main data recorded on the
recording medium are digital contents such as moving images,
still images, and audio, with usage of such information
amounting to its reproduction by an executing apparatus.
However, the information recorded on the recording medium
may be computer programs, in which case usage of the
information amounts to the execution of the computer
programs.

The second decrypting unit in the above digital
content usage controlling system is described as using a
random number as the encryption key, although this key need
not be a random number and instead can be a value which
is updated by performing a predetermined calculation, such
as by incrementing the current value by one.

While the executing apparatus in the above digital
content usage controlling system stores the random number,
the random number may instead be stored on the recording
medium.

Although the present invention has been fully
described by way of examples with reference to accompanying
drawings, it is to be noted that various changes and
modifications will be apparent to those skilled in the art.
Therefore, unless such changes and modifications depart
from the scope of the present invention, they should be
construed as being included therein.